General
-
Target
2024-11-11_278f0348072952e52fde5c52d719e275_smoke-loader_wapomi
-
Size
80KB
-
Sample
241111-kamkqawhpd
-
MD5
278f0348072952e52fde5c52d719e275
-
SHA1
677b1078d05072484732571eb146ebf336eaa8b3
-
SHA256
3f01f366567ed8b73ea1ba5d0d275d515a265123896d3d1ceaae8be169146171
-
SHA512
1bece47e48b8777d95ece9a797abd770acc6ab669779695936ba04bb4d8d56907da17ab3622cfc8715d78a11fdf7d2548d0f0b5ea33929753d7ce0c84d589487
-
SSDEEP
1536:fHB0UxMkzOt7HcvJGt5AdHIOWnToIf12ZkxGCq2iW7z:fhAWJGSCTBf12ZYGCH
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-11_278f0348072952e52fde5c52d719e275_smoke-loader_wapomi.exe
Resource
win7-20240903-en
Malware Config
Extracted
bdaejec
ddos.dnsnb8.net
Targets
-
-
Target
2024-11-11_278f0348072952e52fde5c52d719e275_smoke-loader_wapomi
-
Bdaejec family
-
Detects Bdaejec Backdoor.
Bdaejec is a backdoor written in C++.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-